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EC'S ENCIPHIR: USE SELECTED SERVICE PROVIDER PUBLIC KEY ENCRYPTS 

E SP _ PK (RN EC *PK EC *STD EC ) 



EC PLAIN TEXT: 
PLAIN TEXT EC 



122 



EC COMBINES PLAIN TEXT AND CRYPTOGRAM 
PLAIN TEXT EC *E SP . PK (RN EC *PK EC *STD EC ) 



132 



130 
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EC and Merchant have previously agreed upon the terms of the transaction and 
have jointly selected the same service provider (SP) to handle the transaction. 
This applies to the EC also before the "START" step in FIG. 6A. 
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{[PLAIN TEXT EC *E S p.p K (RN E c*PK EC *STD E c)]*DS EC .Pnva,e-Ke y } 
♦[PLAIN TEXTm*E S p.pk(RN m *PK m *STD m )] 
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MERCHANT HASHES AND PRODUCES A MESSAGE DIGEST MD M 
H «{ [PLAIN TEXT E c*E SP . PK (RN E c*PK E c*STD E c)]*DS E c -Private-Key/ 
* [PLAIN TEXT M *E SP . PK (RN M *PK M *STD M )]» 
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MERCHANT COMBINES : 
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SP separates the DS M . Private . Key from the data portion of the message and hashes the data portion 
of the message to obtain MD A M . SP separates the data portion of the message yielding components: 

(PLAIN TEXTec *CRYPTOEC*DS E C-Private.Key)> PLAIN TEXTm, CRYPTO M) DS M .Private-ICe y 



SP uses SPpnvate-Key to decrypt CRYPTO M to obtain PK M , 
and is used to verify the DS M .pn V ate-Key. 
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(1) SP separates DS EC -p ri vate-Ke y , hashes: H(PLAIN TEXT EC *CRYPTO EC )=MD A EC 
(2) Separates EC's KE request message and becomes: PLAIN TEXT EC , CRYPTO EC , DS^p^^ Key 
C5;SP uses SPpnvate-Key to decrypt CRYPTO EC to obtain PK EC , RN EC , and 
uses PK EC to verify the DS EC - P rivate-Key 
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SP ENCIPHER: USE EC'S PUBLIC KEY E E c.PK(RN S p. E c*RN EC *Skey E c*STD S p. E c) 



SP assigns a Transaction 
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SP'S PLAIN TEXT TO EC: 
PLAIN TEXTsp.ec 
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TIDsp. E c*PLAINTEXT S p. E c*E E c.PK(RNsp-EC*RN E c*Ske yE c*STDsp. E c) 
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SERVICE PROVIDER HASHES AND PRODUCES A MESSAGE DIGEST:H[TID SP . EC 
*PLAINTEXT S p. E c*E E c.p,c(RN S p. E c*RN E c*Skey E c*STDs P .Ec)]=MD S p. E c 
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SERVICE PROVIDER COMBINES PLAIN TEXT AND CRYPTOGRAM 
TID S p.M*PLAINTEXT S p. M *E M .PK(RNs P .M*RNM*Skey M *STD S p. M ) 
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SP HASHES AND PRODUCES A MESSAGE DIGEST : 
H {[TID S p. E c*PLAIN TEXT S p. EC *E E c.p K (RN S p. E c*RN E c*Skey E c*STD E c)] 

*DSsp.Pnvate-Key*[TID S p. M *PLATNTEXT SP . M 
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SERVICE PROVIDER COMBINES: 
«{[TID S p. E c*PLArNTEXT S p. E c*(E E c.PK*RNsp.Ec*RNEC*Skey E c*STD SP - E c)] 
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Step 3 in FIG. 2 



(1) Merchant separates the DS S p. Prjvate . Key . (2) Merchant hashes the data portion of 
the SP's KE response message: H[(Tn) S p- EC *PLAIN TEXT S p. EC *CRYPTO SP . EC ) 

*DS SP . Private .Ke y *(TID S p.M*PLArNTEXT S p.M*CRYPTOsp.M)]=MD A M 

(3) Merchant separates the data portion of the SP's KE response message: 

TIDsp.m, PLAIN TEXT SP . M , CRYPTO SPM , 
[(TIDsp. E c*PLArNTEXT S p. E c*CRYPTOsp. E c)]*DSsp -Private-Key 

(4) Merchant verifies: D S p.p ub ii C . Key (DS S p.p ri vate-Key )=MD M (Refer to FIG. 5) 




MERCHANT DECIPHIER: D Merchant .p rivate .Ke y (CRYPTO S p.M ) 

= DMerchant-Private-Key [EMerchant-Public-Key(RNsP-M*RNM* SkeV M * STD SP . M )] 

Recover RN M , Is RN M identical with RN M in step 148 FIG. 6B? If yes, then 
(1) Merchant forwards SP's KE response message to EC: 
(TID SP . EC *PLAIN TEXT S p. EC *CRYPTOsp. E c* DS SP . Private . key ) to step 260 FIG. 6H 
(2) Merchant prepares transaction phase of the transaction to step 244 FIG. 6 H 
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to Merchant (see 238): RN SP . M 



Merchant's sensitive transaction 
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MERCHANT'S ENCIPHIRS: USE SP'S SESSION KEY FOR MERCHANT: 
Skey M (RN S p. M *STD M *AlM*TA)=CRYPTO M 
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Transaction Identification Number SP (see 218) 
assigned to merchant (see 232): TID SP . M 
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to SP: PLAIN TEXTju_ 
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Step 4 in FIG. 2 



(1) EC separates the DS S p-private-Key> and hashes the data portion of the message: 

H(TID sp .ec*PLAINTEXT sp . E c*CRYPTOsp. E c)=MD a sp-ec 

(2) EC separates: TID sp .ec, PLAIN TEXT SP . EC , CRYPTO SP . EC , DS SP _ Private . key 
(3) EC verifies: D SP . public . Key (DSsp-ftjv,teW=MDsp.Ec (Refer to FIG.5) 
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EC'S ENCIPHIR: USE SP'S SESSION KEY FOR EC: 
Skey EC (RN SP . EC *STD EC *AI EC *TA)=CRYPTO EC 
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Transaction Identification Number SP (see 194) 
assigned to EC (see 260): TID SP . Fr: 
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EC's PLAIN TEXT: 
PLAIN TEXT Rr 
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EC COMBINES: TID EC *PLAIN TEXT EC *CRYPTO EC 



282 



EC HASHES AND PRODUCES A MESSAGE DIGEST: 
H[Tro SP _ EC *PLArNTEXT EC *CRYPTO EC ]=MD EC 
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USE EC'S DIGITAL SIGNATURE GENERATOR: 
E EC-Private-Key( MD Ec) =D S EC . Private . Key 
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EC COMBINES: [TID SP . EC *PLAIN TEXT EC 
*Skey EC (RN SP . EC *STD EC *AI EC *TA)]*DS EC 

-Private-Key 
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MERCHANT COMBINES: 

[TID SP . EC *PLAINTEXT E c*Skey E c(RN SP . E c !,: STD E c*AI E c*TA)]*DS E c.Pnva te -Key 
*[TID S p. M *PLAINTEXTM*Skey M (RNsp.M*STDM*AlM*TA)] 

=(TID sp .ec*PLAIN TEXT EC *CRYPTO ec )*DS ec -Private-Key 
*(TID SP -m*PLAIN TEXT M * CRYPTO m ) 
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MERCHANT HASHES AND PRODUCES A MESSAGE DIGEST: 
H[(TID SP -EC*PLArN TEXT EC *CRYPTO EC p)*DS EC -Private-Key 
*(TID S p. M *PLAINTEXT M * CRYPTO M )]=MD M 
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USE MERCHANT'S DIGITAL SIGNATURE 
GENERATOR: E M . Private .Ke y (MD M )=DS M -Private-Key 
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MERCHANT COMBINES : 
{[TID S p.Ec*PLAINTEXTEc*Skey E c(RN SP .Ec*STD E c*AI E c ,|t TA)]*DS E c -Private-Key 
nTID SP . M *PLAINTEXT M *Skey M (RN S p. M *STD M *AI M *TA)]}*DS M .p rivate .Ke y 
=[(TIDsp. E c*PLAIN.TEXT E c*CRYPTO E c)*DS E c -Private-Key 
*(TID SP . M *PLAIN TEXT M * CRYPTO M )]*DS M -Private-Key 
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(1) SP checks TID SP . M and TID SP . EC to make sure they are valid (see 218 and 194), 
if one of them is invalid then rejected 308. ^SP separates DSM.pnvate.Key. 

(3) SP hashes the data portion of the transaction request message obtains MD A M . 

(4) SP separates the data portion of the transaction request message and obtains: 

TID SP . M , PLAIN TEXT M , CRYPTO M) DS M .p rivate . K e y , 
(TID S p.EC*PLAINTEXT EC *CRYPTO E c)*DS E c -Private-Key 
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FROMSTEP306 FIG. 6J^U 
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Use PK M to verify the DS M . Private . Kev , Is MD A M =MD M ? (Refer to FIG. 5) 
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Skey M decrypts CRYPTO M , recovers RN SP _ M , RN 
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(1) SP separates DS EC _ Private _ Key , hashes the data portion of EC's transaction request 
message: H(TID S p. EC *PLArN TEXT EC *CRYPTO EC )=MD A EC 
(2) SP separates and obtains:TID S p. EC , PLAIN TEXT EC , CRYPTO EC , DSEc^v^Kgy 
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SP uses PK EC to verify DS EC . Private . Kev , Is MD A EC =MD EC ? (Refer to FIG. 5) 
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Skey M decrypt CRYPTO EC , recovers RN SP . EC , RN SP . EC =RN SP . EC in 184 FIG. 6D? 
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SP USES Skey EC TO ENCRYPT: E skev . EC (Response Data SP . EC )=CRYPTO SP . EC 



Transaction Identification Number SP 
(see 194) assigned to EC: TID SP . EC 

(— 342 



SP'S PLAIN TEXT TO EC: 
PLAIN TEXT SP . EC 
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SERVICE PROVIDER COMBINES : TID S p. EC *PL ATN TEXT SP . EC 
^skey-Ec(ResponseData S P , EC )=TID S p, EC *PLAiNTEXT S p. EC *CRYPTO SP , EC 

(— 340 
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SERVICE PROVIDER HASHES AND PRODUCES A MESSAGE DIGEST 
H[TID sp .ec*PLAIN TEXTsp. E c*Eskey-Ec(Response Data S p. E c)]=MD S p. EC 
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USE SERVICE PROVIDER'S DIGITAL SIGNATURE 
GENERATOR : Esp.p rivate . Key (MDsp- E c)=DS S p 
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SERVICE PROVIDER COMBINES : 
[TID SP . EC *PLAIN TEXT S p. EG *E Skey . EC (Response Data S p. EC )]*DS S p 

-Private-Key 

= (TID SP . EC *PLAIN TEXT SP . E c*CRYPTO S p. EC )*DS SP 

-Private-Key 
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SP USES Skey M TO ENCRYPT: Es ke y M (Response Datasp.M)=CRYPTO S p. 
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218) assigned to Merchant (see 232): TID sp .m 
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SP's plain text to merchant: 
PLAIN TEXT sp .m 
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SERVICE PROVIDER COMBINES: TID SP . M *PLAIN TEXT SP . M 
*E skey -M(Response Data S p. M )=TIDsp.M*PLAIN TEXT sp . m *CRYPTOsp.m 
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SERVICE PROVIDER COMBINES: 
[(TID S p. E c*PLAIN TEXT SP . E c*E Skey . EC (Response Data S p. EC )]*DS S p -Private-Key 
*[TID SP . M *PLAIN TEXT S p. M *E Skey . M (Response Data S p. M )] 
=[(TID SP . EC *PLAIN TEXT S p. E c*CRYPTO SP .Ec) !,, DSsp -Private-Key 
*(TID S p. M *PLAINTEXTsp.M*CRYPTO S p. M )] 
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SERVICE PROVIDER HASHES AND PRODUCES A MESSAGE DIGEST : 

H[(TID SP . E c*PLAINTEXT S p. E c*CRYPTO S p.Ec)*DS S p. Private . Key 
*(TID S p.m*PLAINTEXT S p.m*CRYPTO sp .m)1=MD s 
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TO STEP 368 FIG. 6M 



TO STEP 372 FIG. 6M 
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FROM STEP 364 FIG. 6L FROM STEP 366 FIG 6L 
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USE SERVICE PROVIDER'S DIGITAL SIGNATURE 
GENERATOR : E S p_p rivate . Key (MD S p_ M )=DS S p_ Private _ Key 


r ( 370 v ( — -368 


SERVICE PROVIDER COMBINES: 
« {[TID SP . EC *PLAIN TEXTsp.EC*E skey -Ec(Response Data S p. EC )]*DS SP . Private . Key } 
*[TID S p. M *PLAINTEXTsp-M*E Skey . M (ResponseData S p. M )]»*DS S p. Private . tCey 
=[(TID sp . EC *PLAINTEXTsp.Private-Key*CRYPTO S p. EC )*DS S p. Private . Key 
*(TID S p. M *PLAIN TEXT sp .m*CRYPTO sp . m )]*DS SP . Private . Key 


1 SECOND PARTY 
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M l (SERVICE PROVIDER) 
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1 COMPUTER UNIT 
^ (MERCHANT) 
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(I) Merchant checks TID SP . M to make sure it is valid (218 and 232), if not rejected 376. 
(2) Merchant separates DS SP _ Private _ Key . (3) Merchant hashes the data portion of the 
message obtains MD A SP . M . (4) Merchant separates the data portion of the message: 

TID SP . M , PLAINTEXTS^, CRYPTO sp _ m , DS SP . Private . Key 
Prepare to forward (TID S p_ EC *PLArN TEXT S p-EC*CRYPTO SP _ EC *DS S p_ Private _ Key ) 


^ TID SP . M 


is invalid 


( 374 
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REJECTED 
( 376 


(1) Merchant use SP's session key for merchant received and decrypted 238 FIG. 6G: 
I>Skey-M(CRYPTO S p. M )=D Skey . M [E skey . M (Response Data SP . M )] 
(3) Merchant use SP Publice . Key to verify DS SP . Private . Key (Refer to FIG. 5) 
D SP-Public-Key( DS SP- P rivate-Key ) =md sp-m» When MD SP . M equal to MD A SP . M then, 
send (TID S p. EC *PLAIN TEXTsp.EC*CRYPTO S p_ EC *DS S p_p rivate _ key ) to 394 FIG 6N 
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TO STEP 380 FIG. 6N 
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FROM STEP 370 FIG. 6M 




Merchant's 
acknowledgement data to SP 
Acknowledgement Data M 
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MERCHANT'S ENCIPfflR: USE SP'S SESSION KEY FOR MERCHANT: 
Skey M (RN SP . M *Acknowledgement Data M )=CRYPTO M 
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Transaction Identification Number assigned by 
SP (see 210 ) to Merchant (see 224 ): TID SP . M 



390 



Merchant's Plain Text to 
SP: PLAIN TEXT M 



392 



MERCHANT COMBINES: TID SP . M *PLAIN TEXT M * CRYPTO 



M 



388 



FIRST PARTY 
COMPUTER UNIT 
(MERCHANT) 



—►TO STEP 422 FIG. 6P 

Merchant forwards SP's message 
for EC; Step 8 in FIG. 2 



ELECTRONIC CARD 
COMPUTER UNIT 
(ORIGINATOR) 




(1) EC checks TID S p_ec to make sure it is valid (194, 260). If not valid rejected 396. 
(2) EC separates DS S p.private-Key (V EC hashes the data portion of the message 
obtains MD A SP . EC . (4) EC separates the data portion of the message: 
TIDsp-ec, PLAIN TEXTsp.ec, CRYPTO SP -ec, DS sp -Private-Key 



TO STEP 398 FIG. 60 



REJECT 



TID SP . EC is invalid 
- 396 



394 



FIG. 60 

\—^FROM394 FIG. 6N 



(1) EC uses SP's session key for EC that received and decrypted in step 
266 FIG. 61: D Skey . E c(CRYPTOsp. E c )=D S key-EC [E Skey . EC (Response Data SP . E c)] 
(2) EC use D SP . Public . Key to verify DSsp^vate-icey (Refer to FIG. 5) 

DsP-Public-Key(DSsP-private-Key)=MD S p.EC, Is MD S p. E C equal to MD A SP . EC ? 









( 398 


p 402 


NO 

< =rT^^ 




r r 400 


REJECT 


Is MD A SP . EC equal to MD SP . E clZZ^- ::= =s " 


y 406 




YES 




EC's acknowledgement data to SP 
Acknowledgement Data Fr 






r 404 , 


r 




r 



EC'S ENCIPHIR: USE SP'S SESSION KEY FOR EC: 
Skey EC (Acknowledgement Data EC )=CRYPTO EC 



Transaction Identification Number assigned 
by SP (see 186) to EC (see 252) :TDDs P . EC 



410 



EC'S PLAIN TEXT TO 
SP: PLAIN TEXT EC 



I 



412 



EC COMBINES: TID S p. EC *PLAIN TEXT EC *CRYPTO EC 



408 



EC HASHES AND PRODUCES A MESSAGE DIGEST: 
H[TID S p. E c*PLAINTEXT E c*CRYPTO E c]=MD E c 



tz: 



READ EC'S 
Private Key 



414 



USE EC'S DIGITAL SIGNATURE GENERATOR: 
EEC-Private-Key( MP Ec) = PS E c-Private-Key 



418 



416 



EC COMBINES: 

[TID S p. EC *PLArN TEXT EC * Skey EC (Acknowledgement Data EC )] *DS Ec . Private .Key 



TO STEP 422 FIG. 6P 



420 



-Step 9 in FIG. 2 



[ 



ELECTRONIC CARD 
COMPUTER UNIT 
(ORIGINATOR) 



FIG. 6P 



NETWORK? 



FROM STEP 420 FIG. 60 



FROM STEP 388 FIG. 6N 



MERCHANT COMBINES : 
{[TID S p. EC *PLATN TEXT EC *Skey E c(AcknowledgementData E c)]*DS E c.Private-Key} 
*[TIDsp-m*PLATN TEXT M *Skey M (Acknowledgement Data M )] 



422 



MERCHANT HASHES AND PRODUCES A MESSAGE DIGEST: 
H«{[TID S p. EC *PLATN TEXT EC *Skey EC (Acknowledgement Data EC )] 

*DS EC .p ri vate-Key} *[TID SP .M*PLArN TEXT M 

*Skey M ( Acknowledgement Data M )]»=MD M 



READ MERCHANT'S 
Private Key 



424 



USE MERCHANT'S DIGITAL 
SIGNATURE GENERATOR: 

^M-Private-Key (^PM) = P^M-Private-Key 



428 



426 



MERCHANT COMBINES: 
«{[TID SP . EC *PLAIN TEXT EC *Skey EC ( Acknowledgement Data EC )] 

*DS EC . P nvate.Key} *[TnD S p.M*PLAIN TEXT M 

*Skey M ( Acknowledgement Data M )]»*DS M . Pri vate-Key 
={[(TID SP . EC *PLATNTEXT E c*CRYPTO E c)*DS EC 

-Private-KeyJ 

*(TID SP . M *PLAIN TEXT M *CRYPTO M )} *DS M -Private-Ke y 



FIRST PARTY 
COMPUTER UNIT 
(MERCHANT) 



430 



-Step 10 in FIG. 2 



SECOND PARTY 
COMPUTER UNIT 
(SERVICE PROVIDER) 



TO STEP 432 FIG. 6Q 




FIG. 6Q 



FROM STEP 430 FIG. 6P 

i 



432 



(1) SP checks TID SP . M and TID SP . EC to make sure it is valid (see 218 and 194 ), 
if one of them is not valid then rejected 434. (2) SP separates DS M . Private _ Key . 

(3) SP hashes the data portion of the message obtains MD A M . 
(4) SP separates the data portion of the message: TID SP . M , PLAIN TEXT M , 

CRYPTOm, DS M -Private-Key, (TID SP , EC *PLAIN TEXT E c*CRYPTO E c)*DS E c. Pri vate-Key 



i r < ^ -Either TID SP . M 


r J"436 


REJECT or tid SP-ec is invalid 


434 i 


SP uses PK M (see 150 and 170) to verify the decrypt DS M . Private . Key (Refer to FIG. 5). 

DM-Public-Key(DS M -Private-Key) = MD M , Is MDm=MD a m ? 




SP uses Skey M (see 210) to decrypt CRYPTO M ,and obtains Acknowledgment Data M 




r 444 


(1) SP separates DS EC . PriV ate-Key> (2) hashes the data portion of EC's acknowledgement 

message: H(TJJD S p-ec*PLAIN TEXT ec *CRYPTO ec )=MD a ec 
(3) SP separates and obtains: TID SP . EC , PLAIN TEXT EC , CRYPTO EC , DS EC . Pri vate-Key 




r 446 


SP uses PK EC (see 126 and 176) to decrypt DS EC . Private . Key (Refer to FIG. 5). 

DEC-Public-Ke y (DS E c-Private-Ke y ) = MD EC , Is MD EC =MD A EC ? 


r 450 


r 448 



REJECT 



MD A EC = MDjc?. 





r YES 


y 452 


SP uses Skey EC (see 186) to decrypt CRYPTO EC , and obtains Acknowledgment Data EC 


END OF TRANSACTION PHASE 


r 454 






TRANSACTION COMPLETED 
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SERVICE PROVIDER(SP) 
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